<?php
ob_start();
include("dbinfo.inc.php");
mysql_connect(localhost,$username,$password);
@mysql_select_db($database) or die( "Unable to select database"); 

$query="select ID from Account where userName like '$_POST[userName]';";
$resultID=mysql_query($query);
if (!$resultID) {
  echo "Error selecting ID from Account: " . mysql_error();
  die("");
}
$userID=mysql_result($result,0, "ID");

$query="select ID from Trail where name like '$_POST[trailName]';";
$resultID=mysql_query($query);
if (!$resultID) {
  echo "Error selecting ID from Trail: " . mysql_error();
  die("");
}
$trailID=mysql_result($result,0, "ID");

$query="select ID from Review where trailID=$trailID and userID=$userID;";
$resultID=mysql_query($query);
if (!$resultID) {
  echo "Error selecting ID from Review: " . mysql_error();
  die("");
}
$reviewID=mysql_result($result,0, "ID");

$query="
DELETE FROM Review WHERE ID=$reviewID;
";
if (!mysql_query($query)) {
  echo "Error deleting entry from Review: " . mysql_error();
}

$query="
INSERT INTO Review
VALUES (
	$reviewID,
	$trailID,
	$userID,
	$_POST[rating],
	'$_POST[review]'
)";

if (!mysql_query($query)) {
  echo "Error inserting entry into Review: " . mysql_error();
}

mysql_close();
header("Location: index.php");
ob_flush();
?> 
